In Part 1, we explored how AI is straining the boundaries of patent and copyright protections, eroding their traditional role as the bedrock of tech intellectual property strategies. We saw how legal uncertainty, shifting regulatory standards, and the growing use of AI-assisted tools have made it harder for companies to rely solely on these formal rights to safeguard their innovations.
Now, in this Part 2, we will turn to the increasing strategic importance of trade secrets for AI-driven companies. We’ll examine why secrecy-based protections are gaining ground as the central feature of modern IP programs and explore the layered technical, legal, and policy measures companies must adopt to secure sensitive data, models, and know-how in today’s high-risk innovation landscape.
III. Trade Secrets: The Last IP Standing?
As patents and copyrights face growing limitations, many companies are turning—often out of necessity—to trade secrets as their primary, and sometimes sole, mechanism for protecting innovation.
A. The statutory requirements for trade secret protections
Under the federal Defend Trade Secrets Act of 2016 (DTSA),1 and state versions of the Uniform Trade Secrets Act (UTSA), information qualifies as a trade secret only if it (1) is the subject of “reasonable measures” to maintain its secrecy, and (2) derives independent economic value from not being generally known or readily ascertainable through proper means (including reverse engineering).2 Simply labeling something a trade secret is not enough; companies must actively safeguard it.
Do not bother to apply for a patent in the AI age, unless you in parallel modernize your R&D, product development, and patenting procedures.
B. What “reasonable measures” look like in the AI age
In the AI era, taking “reasonable measures” to assert trade secret protections is especially urgent, given emerging risks such as:
- data poisoning (i.e., the deliberate insertion of misleading or corrupt data into machine learning systems in order to compromise their integrity),
- inadvertent model leakage (i.e., the accidental exposure of proprietary models, architectures, or training data due to poor controls or human error),
- insider misuse (i.e., unauthorized internal access or disclosure), and
- targeted attacks on the confidentiality of key assets.3
Under the DTSA, claiming trade secret status is never automatic. To preserve enforceability, companies must implement robust, demonstrable measures to maintain secrecy—and in the AI context, that means adapting both established and novel strategies.4 Without these precautions, companies risk that courts will find their information unprotected, even if it has substantial competitive value.
1. Technical Safeguards
Traditional technical safeguards—such as encryption, access controls, and secure storage—remain essential but must now extend to cover the unique contours of AI systems. Companies must secure not just software code but also proprietary datasets, trained models, fine-tuning parameters (the customized weights adjusted through task-specific retraining), prompt libraries (curated sets of optimized prompts and input patterns), and system outputs that may reveal sensitive internal processes. This includes implementing role-based access to limit who can view model architecture details, restricting who can interact with production models, and using robust monitoring to detect unauthorized access or anomalous use. As AI systems become more modular and interoperable, companies must also guard against leakage through integration points, ensuring that APIs or shared data channels do not inadvertently expose trade-secret information.
2. Contractual Protections—Internal and Third-Party
No technical safeguard is sufficient without complementary legal protections. Internally, companies should ensure that employment agreements, confidentiality policies, and internal controls explicitly cover the use and protection of AI-related assets—not just code but also datasets, models, and derived outputs. These agreements must prohibit unauthorized use, copying, or external sharing of AI materials and clarify post-employment obligations. Externally, companies must ensure that third-party non-disclosure agreements (NDAs) and other contracts with vendors, consultants, or partners include clear restrictions on reverse engineering, strict confidentiality obligations, defined ownership of jointly developed models, and security requirements aligned with internal standards. Regular audits and risk assessments are critical to ensuring compliance and minimizing gaps.
3. AI Policy
A well-designed, documented AI policy operationalizes both technical and contractual safeguards across the organization. It should define what qualifies as a trade secret within the company’s AI operations, set standards for classifying and labeling sensitive materials, and outline clear procedures for employee training, incident response, and internal auditing. Critically, it should also address the use of external generative AI tools, specifying when and how such tools may be used to avoid accidental disclosure of proprietary material into public or third-party systems. In the AI age, secrecy cannot be an ad hoc commitment—it must be embedded into company culture and operations.
By combining technical, legal, and policy safeguards, companies can strengthen their trade secret protection posture and preserve their strategic advantage in an increasingly AI-driven market.
IV. Conclusion
Patents have long been considered the gold standard for protecting innovations because a granted patent confers exclusive rights: even if another party independently invents the same thing, the patent holder can exclude them from using it. For any innovation that offers meaningful market advantages and can be reverse-engineered—especially by advanced AI tools—companies should seriously consider patent protection, provided they in parallel modernize their R&D and patenting procedures for the AI age.5
For many companies, though—particularly startups and small-to-medium enterprises (SMEs) with limited resources—patent protection is often a prohibitively costly gamble, demanding a king’s ransom to secure and defend. In many cases, an IP protection strategy centered on trade secrets offers a more practical, adaptable, and immediate means of safeguarding innovation.
AI raises the stakes for trade secret protection: it amplifies both the value of proprietary assets and the risks of exposure, whether through data leakage, insider threats, or sophisticated reverse-engineering. Unlike patents or copyrights, trade secrets derive their value not from formal registration but from secrecy itself, making them a fundamentally different—and in many ways, more fragile—form of IP.
To stay competitive, companies must modernize their R&D, product development, and internal compliance programs, ensuring they meet the heightened demands of protecting trade secrets in the AI age. Those that fail to do so will be outpaced not only by technological change but by competitors who understand that proactive IP strategies are no longer optional—they are essential not only for survival but for capturing the extraordinary opportunities unlocked by AI-driven innovation.
By combining technical, legal, and policy safeguards, companies can strengthen their trade secret protection posture and preserve their strategic advantage in an increasingly AI-driven market.
About the Author: Jim W. Ko is a patent attorney and focuses his practice on providing counsel for all the ways that intellectual property and artificial intelligence issues can and will impact businesses. He lives in Chandler, Arizona.
Read Part 1 of 2: The New Face of IP in the AI Age: Why Trade Secrets Matter More Than Ever for Tech. Click here!
